Would Anybody Like a GAO Audit? Finding Lessons in DHS’s Large Scale IT Example

Review of GAO Audit: “Despite Progress, DHS Continues to Be Challenged in Managing Its Multi-Billion Dollar Annual Investment in Large-Scale Information Technology Systems”

I was interested in this because large scale IT systems seem to be a challenge for everyone. Hoping there might be some good points to ponder or other “lessons” in the text, I reviewed the article and provide a summary of some key points below.

Interestingly enough, I think the report finds that their woes revolve around process issues and an inability to retain/hire/develop the right skill sets to support their mission.

Overall, the end of the article speaks to five different systems that are reflected in the main body of the document and are worth a read. However, you may want to first skim the article and make note of the following themes:
1) Page 12: Recommends “strengthening the process” (Novel idea: how about just following it?)
— Regular Mile Stone review amongst other normal system life-cycle steps ignored/skipped/followed inconsistently
2) Page 16: Not establishing metrics for quantitative decision making
— Page 14: 2/3 projects did not have life cycle cost estimates
— Page 13: how about “undocumented and subjective determinations”
3) Page 17: Not just about quality in process, but repeatability across all organizations
— page 18: since 2004, components still using systems in place (no uniform standard across the enterprise).
— Page 15: DHS going to use a new system to track cost / schedule /budget
— This “process shifting” hurts the ability to define a repeatable one. Now shifting to a new system, there will be kinks to work out here too (don’t expect any quick wins!)
4) Page 18: “Interim guide does not address all key activities for each life-cycle phase”
— still unwilling to fully implement the systems engineering life-cycle, more process shifting
— “DHS will remain challenged in its ability to acquire and develop systems in a defined and repeatable manner”
— Key activities in product selection ignored, including interoperability
5) Page 19: IT workforce does not have skill sets to support the mission, nor do they have the right process in place to ensure it
— Page 20: hiring contract specialists as a remedy (not a solution, how about some engineers/computer scientist who understand the technology and can correctly identify and evaluate products based on the mission need, systems lifecycle, etc)
— Are hiring these skill set making it easier to spend money faster to buy more junk? Is this practice more about “feeling good” about the “steps taken” but in reality they are not addressing the underlying problem?
— Page 22: “… the plan and supporting documents described the department’s IT human capital goals and steps necessary to implement them, most steps did not include associated milestones.”
— Page 22: “… did not assign those stakeholders specific responsibilities against which to hold them accountable for results”
6) Page 23: “FEMA’s Office of Information Technology does not have a strategic IT human capital plan, although officials report that one is to be completed in fiscal year 2010”
— How long has this systemic problem existed? Wouldn’t this have been a great goal 6 years ago?
7) Page 24: Paper highlights five large scale programs as example ACE, US-VISIT, Rescue 21, Secure Flight, and SBInet
— You can find the underlying themes above in these stories.

Happy reading!

Leave a Comment

Leave a comment

Leave a Reply